Books: A Users Report
Continual changes among protocols and standards require updated documentation and information for the administrator and the developer. Therefore, this column includes reviews of a new edition of a TCP/IP book, as well as a new release of a combination CD-ROM/book package. Ill also present some classics that I find helpful, a new reference card, and a new security offering. Specifically, I reviewed: Internetworking with TCP/IP Volume I: Principles, Protocols, and Architectures, Fourth Edition by Douglas E. Comer (Prentice Hall), The UNIX CD Bookshelf, Version 2.1 (OReilly & Associates, Inc.), and the Linux Security Toolkit by David A Bandel (M&T Books).
News and Notes
The classic writing handbook, The Elements of Style, Fourth Edition by William Strunk Jr. and E. B. White (Allyn & Bacon, ISBN 0-205-30902-X, $6.95), continues to illustrate the fundamental principles of good writing. Whether composing a sentence, report, FAQ, or HOWTO, this book is the most essential and straightforward reference available. The latest edition even includes a glossary for the writers convenience.
An eight-sided CVS Reference Card is available from SourceGear Corporation (http://www.sourcegear.com; Email: firstname.lastname@example.org.) It provides the CVS command syntax, global options, keyword expansion modes, keywords, commands, command options, and command arguments. Its great for those of us who tend to forget syntax or confuse grep, vi, or cdplay options with CVS options and wonder why the commands dont work!
The Writers FAQs: A Pocket Handbook by Muriel Harris (Prentice Hall, ISBN 0-13-021025-0, $14.95) is a handy reference-card sized book that is particularly useful for questions when writing email. Each chapter begins with a list of questions and where the answers can be found. Harris discusses clarity, transitions, punctuation, spelling, references, and spelling checkers. The result is an easily accessed guide with hints, tables, and a substantial online section for further research.
Internetworking with TCP/IP Volume I:
Principles, Protocols, and Architectures
Douglas E. Comer
This classic analysis of TCP/IP concepts and structures has been expanded, updated, and modified to reflect the corresponding changes in the TCP/IP protocol suite. Comer has added several new sections and chapters since the previous version was published in 1995. Some of the additional or expanded topics include: Mobile IP, Virtual Private Networks (VPN), Network Address Translation (NAT), voice and video over IP, the World Wide Web protocols, Internet security using IPsec, IP multicasting, and Random Early Discard (RED). Comer also revised the description of the individual protocols to reflect their most current versions. Internetworking with TCP/IP Volume I: Principles, Protocols, and Architectures, Fourth Edition continues to provide an excellent and definitive TCP/IP resource and an essential textbook on the TCP/IP protocol suite. Anyone involved with TCP/IP, its concepts, design, and implementations will appreciate this expanded and updated edition of Volume I.
The UNIX CD Bookshelf Version 2.1
OReilly & Associates, Inc.
Printed text included
One of the misconceptions surrounding computer geeks, gurus, and wizards is that they know everything about computer hardware and software instantaneously and without any aids. While this is a flattering belief, it is still a myth. Most computer professionals depend on excellent documentation to discover the idiosyncrasies of computer programs, operating systems, and hardware. The UNIX CD Bookshelf, Version 2.1, contains some of the best books on essential UNIX concepts that have been published by OReilly & Associates, Inc., in a compact format. (There are two other OReilly CD Bookshelf selections: The Networking CD Bookshelf, ISBN 1-56592-523-8, $79.95, and The Perl CD Bookshelf, ISBN 1-56592-462-2, $59.95.)
The UNIX CD Bookshelf contains six books on a CD-ROM, plus the printed version of UNIX in a Nutshell, Third Edition by Arnold Robbins (ISBN 1-56592-427-4, $24.95). This recently updated version covers both System V Release 4 and Solaris 7 flavors of the UNIX Operating System. Robbins (renowned for his books on sed & awk, and vi, plus individual reference cards on HTML, sed & awk, and vi) lists the major revisions to UNIX in a Nutshell in the preface. Some of the changes include: the addition of sixty commands, a new chapter on the troff man macros, an Appendix with Obsolete Commands that are still packaged with UNIX SVR4 or Solaris, plus updated coverage of RCS (Revision Control System) 5.7, GNU Emacs Version 20, and both 1988 and 1993 versions of ksh (Korn Shell).
The other five books on the CD-ROM are: Learning the UNIX Operating System, 4th Edition by Jerry Peek, Grace Todino, and John Strang (ISBN 1-56592-390-1, $10.95), Learning the vi Editor, 6th Edition by Linda Lamb and Arnold Robbins (ISBN 1-56592-426-6, $24.95), sed & awk, Second Edition by Dale Dougherty and Arnold Robbins (ISBN 1-56592-225-5, $29.95), Learning the Korn Shell by Bill Rosenblatt (ISBN 1-56592-054-6, $29.95), and UNIX Power Tools, Second Edition by Jerry Peek, Tim OReilly, Mike Loukides, and other authors of the Nutshell Handbooks, including Linda Mui, Dale Dougherty, Larry Wall, and Randal Schwartz, plus Usenet contributors including Chris Torek, Jonathan Kamens, Bruce Barnett, and Tom Christiansen (ISBN 1-56592-260-3, $59.95). These books address many different topics, from an introduction to the UNIX system structure and its accompanying commands, through creating and editing documents, to shell programming and scripting. UNIX Power Tools is in a class by itself; it debuted in 1993 and the second edition appeared in 1997. It remains one of my favorite books, whether I am aimlessly browsing or searching for an answer to a specific question. Its like looking through a rolltop desk with treasures in secluded compartments and corners.
The CD-ROM uses your Web browser and can search through one book or all six books at once. It doesnt require setup, installation, or use any space on your hard drive. The user/reader can either look for something specific or go through each chapter in one or all six of the books, browsing the same way that you would flip through pages. Individually, the selections in The UNIX CD Bookshelf, Version 2.1, present information on several topics and levels from beginning to advanced. Together, they unite to provide an extraordinary package that can assist any user in becoming more proficient on any type of UNIX or Linux system. The combination book and CD-ROM is the most efficient way to carry 2,835 pages of information (not including covers, prefaces, introductions, or additional CD-ROMs) wherever you may need or want additional tools and documentation. The UNIX CD Bookshelf is an outstanding and versatile complement to every UNIX or Linux system.
Linux Security Toolkit
David A Bandel
Recent months (and their accompanying viruses) have emphasized the need for effective security measures. Fortunate administrators were alerted to the possible intrusions before they occurred. Others spent a lot of time double checking systems for damage and restoring data. In The Linux Security Toolkit, Bandel explains security concepts and procedures for the home user or small business owners using Linux systems. The author divided the information into four sections: Your Host, Your Network, Firewalls and Special-Purpose Software, and Security Auditing. The introductory section, Your Host, addresses topics in the following order: User, Groups, and Security, User and Group Security, Files and Permissions, SUID/SGID Settings (files/directories), File System Layout, The /proc File System, Bootup Process, and Physical Security and Console Attacks. These chapters discuss file permissions, account ownership, and several ways in which a system may be compromised by intruders.
In Part II: Your Network, Bandel describes: a Network Primer (How Things Work and Why), Common (Well-Known) Services, inetd, inetd.conf, and Network Attacks (Rooting the Box), Vulnerable Services and Protocols, DoS Attacks and How They Work, Mitigating Your Vulnerabilities, and Using TCP Wrappers. The information in this section extends from the single system described in the first section to a network, illustrates how it functions, and examines some of the types of attacks that it could experience. The following section explores firewalls and special-purpose software. The individual chapters that comprise this section include: Using Packet Filter Firewalls, Implementing a Proxying Firewall with Squid, Securing Samba, IP Masquerading and Port Forwarding, Assessing Samba Security, Installing and Running a Secure Apache Web Server, and Using Secure Shell and VPNs. In this section, Bandel explains the firewall capabilities available to the Linux administrator and how to utilize them. The final section, Security Auditing, shows you where your system automatically stores information about system processes and how to access and customize where this data is stored.
The author describes auditing through: Configuring syslog, Reading var/log Files, Using Network Security Monitoring Tools, Using Network Monitoring Tools, and Finding Information to Keep Your System Secure. The Appendices contain A) Guide to Network Scanners and Security Utilities, and B) Whats on the CD-ROM plus the End-User License Agreement, the GNU General Public License, the BSD-Based License, and the CD-ROM Installation Instructions. The accompanying CD-ROM includes Caldera OpenLinux plus a collection of security RFCs and programs.
The Linux Security Toolkit provides a thorough explanation and description of security procedures and practices for the Linux operating system. Bandel thoroughly describes numerous security-related techniques and principles, revealing the background and the precautionary measures a user can take to prevent any intrusions. Throughout the book, he utilizes several icons to assist his explanation: On the CD-ROM, Tips, Notes, Cautions, Cross-references, and sidebars. The author explains each topic in-depth, demonstrating a writing style that is both clear and logical. Although Caldera OpenLinux accompanies the book, the explanations are applicable to any of the Linux distributions. The Linux Security Toolkit is a valuable addition to the existing Linux and security resources. Anyone using Linux as a home or small business system should definitely examine this excellent book.
About the Author
Elizabeth Zinkann has been involved in the UNIX and C environment for the past 13 years. She is currently a UNIX and C consultant, and one of her specialties is UNIX education. In addition to her computer science background, she also has a degree in English. Her writing has also appeared in Linux Magazine, Performance Computing, and Network Administrator. Elizabeth can be reached at: email@example.com.